<?php
session_start();
session_destroy(); 
session_start();
if (@$_SESSION['auth'] <> "yes") 
{
header('Location: login.php');
exit(); 
} 
// set timeout period in seconds
$inactive = 600;
// check to see if $_SESSION['timeout'] is set
if (isset($_SESSION['timeout']) ) 
{
$session_life = time() - $_SESSION['timeout'];
	if ($session_life > $inactive)
	{
	session_destroy(); 
	header("Location: login.php"); 
	}
}
$_SESSION['timeout'] = time();

?>

